[17:38] <roblabla> Hey everyone, sorry if this is the wrong channel. I was wondering what were the steps to request a change in the default ubuntu kernel config? I'd like to have bpf added to CONFIG_LSM, as some software I'm working on requires it. Currently, to workaround this, I have to ask my users to fiddle with their GRUB_CMDLINE_LINUX value, update grub, and
[17:38] <roblabla> reboot, which is not ideal and introduces a lot of friction ^^'.
[18:03] <john-cabaj> @roblabla, I would open a Launchpad bug here - https://bugs.launchpad.net/ubuntu/+source/linux
[18:04] <juergh> roblabla, the correct way would be to open an LP ticket but that change won't happen. We don't want BPF enabled for everybody, too risky.
[18:06] <roblabla> juergh Do you mean BPF LSM specifically? Because BPF is already enabled afaict.
[18:09] <juergh> yes BPF LSM. I think we keep it deliberately off for security reasons. One can always enable it via the commandline.
[18:09] <roblabla> And if it's BPF LSM, can you explain what makes them so dangerous? I'm asking because Ubuntu is the only platform giving me trouble - Debian, SLES, ArchLinux, RHEL, Fedora all have it enabled by default.